Monday, August 23, 2004
Secret Vote? You Don't Know the Half of It 
by Lenka Reznicek [permalink] 
November's presidential election marks the advent of widespread use of electronic voting booths, but many believe the systems are flawed and inadequately regulated, and may be highly vulnerable to tampering. Founder of Verified Voting.org, Stanford computer science professor David Dill commented on CNN.com:
"Suppose you had a situation where ballots were handed to a private company that counted them behind a closed door and burned the results," said Dill, founder of VerifiedVoting.org. "Nobody but an idiot would accept a system like that. We've got something that is almost as bad with electronic voting."
VerifiedVoting.org's website contains some frightening accounts of election board indifference, electronic voting machine myths and miscounts in recent elections, and has a wealth of information on verified-voting legislation and regulation reform. Here is an excerpt their site, regarding electronic voting misconceptions:
Myth: E-voting machines cannot be hacked because they are not connected to the Internet.

Fact: Computer systems can be hacked in many ways without using the Internet. Making systems secure against outsiders, such as voters and poll workers, is very hard, and, as multiple studies have shown, the current e-voting systems fail miserably. However, making them secure against INSIDERS, possibly even the programmers themselves, is close to impossible. The way we make systems honest is to enable truly independent audits. Each voter should be able to check that his or her vote is recorded correctly, and it should be possible to count the paper ballots manually to double-check any machine counts. Some e-voting machines are believed to have wireless connectivity that might enable Internet access with or without the knowledge of poll workers and election officials.

Myth: Receipts will enable voters to prove how they voted to someone outside the polling place, enabling vote influencing or selling schemes.

Fact: This concern is based on a misunderstanding. Voter-verified paper ballots must be deposited in a secure ballot box in the polling place, even though some people call VVPBs "receipts." There is no more risk of vote selling with optical scan ballots or ballots printed on a touch-screen machine than with other kinds of ballots. There is much less risk of vote selling than with absentee ballots.

Myth: Voter-verified paper trails "would force voters with disabilities to go back to using ballots that provide neither privacy nor independence, thereby subverting a hallmark of the HAVA legislation."

Fact: So far as we know, no one is proposing to suspend or delay the HAVA requirement that there be at least one accessible voting system ineach polling place by 2006. Paper ballot systems can be made accessible in several ways: There is a touch-screen interface for optical scan ballots (described above); touch-screens that print paper ballots can also have equipment to read those ballots back to voters using an audio interface; "ballot on demand" systems that print blank optical scan ballots as needed in the polling places can also have accessible interfaces that allow voters to make their ions on the computer, then print out a ballot that is marked appropriately; and there are even low-tech ballot "tactile ballots" that have been used in Rhode Island and several countries to make optical scan systems accessible without computers.

Myth: "There has never been a documented case anywhere in the country where an electronic voting machine has produced an inaccurate tally of the votes."

Fact: This statement is misleading at best. There are many cases where e-voting machines appear to have RECORDED votes inaccurately, including the 2002 election in Wake County, North Carolina where 436 votes were lost because of a software bug. The use of the word "tally" is perhaps a semantic trick, meaning that incorrectly recorded votes were then totaled correctly. If so, it misses the point that the vote totals fail to represent how the voters voted.

Myth: E-voting machines are not computers, so they are not subject to problems of computer security.

Fact: Florida Secretary of State Glenda Hood actually said this. It is a totally incorrect statement. The most widely used models machines have the same microprocessors that are used in PCs. By any reasonable definition, they are computers that execute computer programs, so they are subject to the same hardware and software bugs, and the same security issues, as all other computers. Just because they don't normally have a keyboard or mouse attached does not mean that they are not computers.
If you've ever had problems with an electronic bill or account - who hasn't? - or had your groceries "scan" with an incorrect price at the cash register, you can see how dangerous it can be to rely on untraceable electronic data for counting votes. Even with all the fuss about "hanging chads," Election Day is still a time we should prefer "paper" to "plastic."